Customization and Configuration in Salesforce ADM 201 Certification

Customization and Configuration in Salesforce

Welcome back to the Salesforce Admin Certification workshop on Day 2. in this session/post we will cover Customization and Configuration in Salesforce which covers 20% of Salesforce Admin Certification. The following are the main topics which cover in this section.

  • Company Setup
  • User Setup
  • Security Setup
  • UI Setup
  • Custom Profile and Permission Sets

Company Setup

Company Information Shows all the important information related to the company. You can also manage your licenses and entitlements. This page contains the information that was provided when your company signed up with Salesforce.

Company Setup in Salesforce

Fiscal Year

  • Standard fiscal year
  • Custom fiscal year (once enable, can not be disabled)
  • Used in forecasts reports

Business Hours:

  • Define the working hours for the support team.
  • If the organisation does not work on a day, put blank hours for it.

Holiday

Holiday define a date and time on which businesses are suspended. A recurring holiday can be set. If we set a recurring holiday for each month, the holiday will not be created if that date does not occur in that month. Holiday can be assigned with the business hour. We can associate 1000 holidays with each set of business hours.

User Setup

User Creation

  • Human vs non-Human user
  • License is required for user creation. (1 License = 1 User)
  • We need to define the profile and role to user.
  • 1 user can have only 1 role and 1 profile.
  • User can not be deleted.
  • 10 users can be created using add multiple user button. No matter if we have more licenses available.

Login History

  • Place to see all the login attempt of user.
  • If a user complaint about not able to login , login history is 1st place to check if user is an active user.

User Deactivate/Freeze

Sometimes if we do not want a user to login into Salesforce we can deactivate the user or freeze the user. In both, the user will not be able to login.

  • Freeze user only disable user from login.
  • Deactivation of user will release the license also and we can use that license to create another user.
  • Sometime we can not deactivate a user eg.
    • Default owner of leads
    • Default or automated case owner
    • Default lead creator or owner
    • Default workflow user
    • Recipient of workflow email alert
    • User selected in custom hierarchy field

Security Setup

Choosing the data set each user or group of users can see is one of the key decisions that affect the security of your Salesforce org or app. Once you’ve designed and implemented your data model, give some thought to the kinds of things your users are doing and the data they need to do it. Here is a list of all options with that we can control the security in Salesforce.

  • Profile
    • Object permission
    • Field Permission
    • Tab visibility
    • Login Hours
    • Login IP Ranges
  • Permission Set
  • Public Group 
  • Roles

Profile

Profile: It is a collection of settings and permission that a user can do in Salesforce. The following type of permission can be managed under the profile.

  • APP Permission:
  • Tab visibility: 
    • Default on 
    • Default off
    • Tab hidden
  • Object permission: Which object a user can see and what action can be performed.
  • Field Permission: Which fields user can see/edit, after he has access on that object. 
  • Login Hours: We can set the hours when a user can login into Salesforce org.
  • Login IP Ranges: 
    • We can set the allowed IP’s from which login is allowed.
    • Login from any other IP’s will not be allowed.
    • Do not set this for System admin profile.
    • We can set a range of IP’s.
  • System permission:
    • Export Report
    • View All Data
    • Modify All Data
    • Transfer Case/Leads
    • Password Never Expires

Password Policies: We can specify the company’s password requirement.

  • Can be set at the organisation level or profile level.
  • Profile level password policy overrides the org-wide password policy.

Profile vs Permission Set

Permission Set: Permission set extends the user’s access without making change into profile

ProfilePermission Set
User can have single profileMultiple permission set can be assigned to user.
We can restricted user access from here.It is always used for extending the access.
Record Type(default)/Page Layout can be assignedRecord Type(Default)/Page layout can not be assigned.
Login Hours/Login Ip Ranges can be managedLogin Hours/Login Ip Ranges can’t be managed
Password Policies can be setPassword Policies can’t be set

Record level Security

Organization-Wide Default

  • Used when we want to restrict the record level access of any object
  • We can set different org wides for different object.
  • We have following options to set.
    • Private (By default record will be visible to owner only)
    • Public read only (record will be visible to all users with read only access)
    • Public read/write
    • Public read/write/transfer (Lead/Case)
    • Controlled by parent
  • If an object is on detail side of master detail relationship, it’s org wide will be controlled by parent.
  • We use it to restrict the access. Serval other options are available to open up access.

Role Hierarchy

  • User can edit, view and report on data owned by him or any user below him in role hierarchy.
  • User can edit, view and report on data shared with him or any user below him in role hierarchy.
  • Grant Access Using Hierarchies can only be disabled for custom object only.
  • It can not restrict the access given by Org wide default.

Sharing Rule

  • Sharing rule can be used to share record with public group, role (not falling in role hierarchy.
  • It can not restrict the access given by Org wide default.
  • We can select the records to be shared by owner of records or criteria.
  • 300 Sharing rule can be defined for each object.
  • 50 Criteria based sharing rule can be set. (falls under 300)

Manual Sharing

  • Record can manually be shared with user, by clicking Share button on record detail page.
  • User should be 1 of following to provide manual sharing.
    • Record Owner
    • Having record full access

View All Data

  • This can be set at profile level.
  • Users having this access will be able to see all the records.

Modify All Data

  • This can be set at profile level.
  • Users having this access will be able to edit all the records.

UI Setup

List View: 

  • To frequently see the filtered data on object tab.
  • Sharing of list view can be managed

Global Action

  • Global action are used to perform some predefined action without leaving the current screen where user are currently working.
  • Action like create record, update record, send email can be performed

Customization and Configuration in Salesforce Video

Twist Your Mind

  1. What happened to records owned by a user, when a user is deactivated?
  2. Apex Hour uses Salesforce and want to onboard 5 new users, which should have the almost same access in Salesforce apart from 1 user who needs edit access on account in addition to all the access the other 4 users have. As a system admin, how will you achieve this?
Amit Chaudhary

Amit Chaudhary

Amit Chaudhary is Salesforce Application & System Architect and working on Salesforce Platform since 2010. He is Salesforce MVP since 2017 and have 17 Salesforce Certificates. He is a active blogger and founder of Apex Hours.

Share this article

31 Comments

  • These sessions are awesome and very detail.
    “Twist Your Mind” is good.
    Will you be posting answers for these?
    Also please start the similar one for Developer also.
    Thanks..

  • Customization and Configuration in Salesforce was very informative session Thank you

    • Glad you like the session. I hope this post will help you to clear you ADM 201 exam

  • Permission set

  • 1. Even if we deactivate user, there won’t be any change in the records.
    2. Permission set best suits for the requirement.

  • If we deactivate user, there won’t be any change in the record
    Create a Permission set for that one Single user to access the account while it can be avoided for other users to assign

  • Thanks for insightful session with detailed explanation which covers all basic sections

    1) If we deactivated user, there will no change in records until user ownership transfer.. If user left organization, It will affected, ideally we transfer default Ownership for object Leads, Opportunity etc. to avoid further issues, Their manager can access records based on their access.

    2) Permission set can give additional access to user.

  • Very useful and informative.Thanks for sharing the knowledge at free of cost.

  • To answer the twist your mind questions,
    1. Role Hierarchy can explain this issue. If the user is deactivated, anyone above that user in the Role Hierarchy will still have access. Then, they can reassign these records to a new user by Mass Transfer.
    2. I think it’s testing the Profile and Permission Set. In this case, you can add all multiple users under the same Profile. For the particular 1 User, you want to assign the Edit permission, add Assignment, and select the checkboxes next to the name you want to assign to the permission set.

    Thanks for the helpful workshop!

  • NO change in the records on deactivating the user .
    . Permission set will be the best option .(going by least access method)

  • Configuration and Setup | Salesforce Admin Certification Workshop DAY 2.

    nice session and information shared through both medium.. YouTube and website.. great work .
    Thanks

  • Finish watching the video and the first session is complete.

  • Session completed!

  • I have completed the session. It was a very detailed one and easy to understand. Thanks for the session.

  • Hi Amit,
    Thank you very much for “FREE Salesforce Admin Certification Training”. I completed “Day 2: Configuration and Setup” Session. It is really very helpful for new members who are willing to build their career in Salesforce like me. I am preparing for the Salesforce Admin certification exam under your guidance from Apexhours blog and YouTube channel.

  • I have completed this session.

    What happened to records owned by a user, when a user is deactivated?
    Records will be available within the org and can be transfer to other users and then the assigned user will be the new owner of the records.

    Apex Hour uses Salesforce and want to onboard 5 new users, which should have the almost same access in Salesforce apart from 1 user who needs edit access on account in addition to all the access the other 4 users have. As a system admin, how will you achieve this?
    One profile with read access can we assigned to all users and then a permission set with edit access can be assigned to that one dedicated user.

  • I have completed “FREE Salesforce Admin Certification Training”. “Day 2: Configuration and Setup” Session. It was a very nicely explained & detailed session for us,who are just newbie into the salseforce ecosystem. Thanks ApexHours for such an informative session

  • I have completed this session.
    Thank you!

  • Just finished watching this session. Thank you @Amit.

  • I finished watching this session and the second step is complete.
    Thank you Sir @Amit

  • I have completed this session, thanks for bringing up this course!

  • Hi, I don’t see the PPT presentation on this page. Is it available for download/viewing?

    Thanks!

Leave a reply

Subscribe for Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 3,541 other subscribers

Our Supporter

RECENT POSTS

Apex Hours

Apex Hours is one stop platform to learn Salesforce skills and technology

Join our Newsletter and get tips and tricks how to explore the salesforce for free!